Jun 8, 2012 Clicktale injects Amazon ads on websites?!

Have you seen something like this ad block on a website recently? Even though the site might not be a part of an advertising program and you don’t have any advertising plugin in your browser, that things pups up in a totally inappropriate place and screws the design of the website.

I did a quick research about why it appears and found it a good illustration of how technologies get twisted in a weird way. Here is what I’ve found about it …

I actually found this on a site I was working on, so I was quite sure there was no advertising code embedded into it. I also checked the list of plugins/addons and verified that I don’t have anything suspicious. Anyway, looking at the source code almost never hurts, so I started looking at it and found one suspicious place: clicktale javascript. Yes, this code is unrelated to advertising, but who knows, maybe this company went rogue or someone hacked it so its scripts started injecting ads on their client’s sites?

So I went ahead and removed the clicktale code and you know what? That fixed the problem!

Amazing! I blamed clicktale for a few minutes but then decided to take another look at the ads. It appeared they all lead to superfish website. Hmmm ... Another strange thing is that the ads were appearing exactly where they should appear on amazon.com product page. Now I started suspecting Amazon in this huge conspiracy involving Clicktale (injects the code) and Superfish (hosts the ads).

Well, a few more minutes of investigation revealed the true antihero of this story: Firefox plugin called "Awesome Screenshot: Capture and Annotate". It should actually be called "Capture, Annotate and Watch Annoying Ads". Disabling this plugin also was curing the problem. Some googling revealed that the plugin is indeed an adware hiding behind a clever name and some useful functionality.

So how's clicktale and amazon are involved? Well, I don't have enough time to prove this, but it looks like SuperFish adware has some logic that tries to identify if the website is worth injecting the ads. Some code from ClickTale was confusing it so it thought it is on amazon.com while actually it was on a totally different website (the one I was working on). So it was jsut injecting the ads where they were suppoed to be inject on amazon. Cool! And stupid!

Well, modern technology sometimes amazes me when it gets twisted in such a weird way :)